CVE-2026-49468

CRITICAL 9.5

Published 2026-06-22 · Last modified 2026-06-30

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, This vulnerability is fixed in 1.84.0.

ELEVATED IMPACT

Severe if exploited (CVSS 9.5), but no known exploitation and low modeled probability. Patch on a normal cadence.

Exploitation likelihood

0.6% chance of exploitation in 30 days · 42nd percentile

○ In CISA KEV ○ Public exploit / PoC

Impact if exploited

9.5 CVSS 4.0 · CRITICAL

  • Confidentiality: High
  • Integrity: High
  • Availability: High

What an attacker needs

  • Access: Reachable over the network — no local access needed
  • Privileges: No account or privileges required
  • User interaction: No user interaction needed
  • Complexity: No special conditions — reliably repeatable
  • Requirements: Specific conditions must be present

✓ lowers the bar for an attacker · ⚠ raises it

Affected

Vendors: Berriai, Red Hat

Products: Litellm Exploit Intelligence Red Hat Ansible Automation Platform 2 Red Hat Openshift Ai (Rhoai)

Weakness (CWE)

  • CWE-290

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Sources: NVD · CVE.org · EPSS